CISO Insights: Voices in Cybersecurity

This podcast explores the "decisive role" Swedish businesses play in national resilience, ensuring that vital societal functions like energy, food distribution, and telecommunications continue to operate during armed conflict or severe crisis. We examine how companies prepare for the "two-week" continuity goal by mapping critical dependencies, implementing systematic cybersecurity measures—such as offline data backups—and training staff to recognize and resist malign information influence. Finally, the series details how public authorities and private enterprises coordinate through a "public-private collaboration" framework to manage complex threats, supply chain disruptions, and the mobilization of personnel for total defence duty.

 

Sponsors:

https://www.cisomarketplace.services

https://www.compliancehub.wiki

Organizations today are struggling with a rapidly growing system of overlapping European frameworks, such as NIS2, DORA, and the GDPR, which often results in duplication of work and high administrative burdens. By adopting a Harmonised Security Management System (HSMS) and the Layered Framework Control Fabric (L-FCF), these entities can implement a "meta-compliance" strategy where a single set of controls meets multiple legal and normative requirements simultaneously. This shift from "island solutions" to an integrated model significantly reduces audit overload while strengthening operational cyber resilience through a coordinated, organisation-wide management cycle.

 

Sponsors:

https://www.cisomarketplace.services

https://compliancehub.wiki

https://compliance.airiskassess.com

https://eumapping.compliancehub.wiki

https://baseline.compliancehub.wiki

We explore the rapid paradigm shift from passive chatbots to autonomous "agentic" AI, where new standards like the Model Context Protocol (MCP) grant systems the power to execute code and access sensitive files. Drawing on a massive empirical study of over 31,000 agent skills and real-world espionage campaigns like GTG-1002, we expose how attackers leverage "tool poisoning" and indirect prompt injection to hijack these agents for data exfiltration. Finally, we unpack essential defense strategies, including the NIST AI Risk Management Framework and the new OWASP Top 10 for Agentic Applications, to help organizations close the dangerous "consent gap" between user permissions and agent actions.

https://cisomarketplace.com/blog/agentic-desktop-agents-ai-local-file-access-security

https://cisomarketplace.com/blog/agentic-browser-revolution-ciso-guide-ai-attack-surface

https://cisomarketplace.com/blog/workflow-automation-blind-spot-zapier-n8n-power-automate-security

https://cisomarketplace.com/blog/ai-agent-security-crisis-mcp-vulnerabilities

https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface

https://breached.company/over-1-000-clawdbot-ai-agents-exposed-on-the-public-internet-a-security-wake-up-call-for-autonomous-ai-infrastructure/

 

Sponsors:

https://airiskassess.com

https://compliance.airiskassess.com

https://cloudassess.vibehack.dev

https://vibehack.dev

Join us as we analyze the 2026 data protection landscape, where a stabilization in aggregate GDPR fines contrasts with a sharp 22% increase in breach notifications fueled by geopolitical tensions. We discuss how the EU's proposed "Digital Omnibus" aims to streamline the complex "Digital Decade" regulations, even as authorities ramp up enforcement against AI systems like Replika and scrutinize "consent or pay" models. The episode concludes by examining the widening gap between the EU’s focus on personal liability and the UK’s shift toward a pro-innovation, "less is best" regulatory environment following the Data (Use and Access) Act 2025.

DLA Piper PDF Downloads: www.compliancehub.wiki/gdpr-enforcement-and-data-breach-landscape-a-synthesis-of-2025-2026-trends

Digital Omnibus episode: https://podcast.cisomarketplace.com/e/red-tape-vs-rights-unpacking-the-eus-digital-omnibus-proposal/

 

Sponsors:

www.compliancehub.wiki

www.cisomarketplace.services

The European Commission has introduced the "Digital Omnibus," a sweeping legislative package designed to streamline digital rules like the GDPR and AI Act to reduce administrative burdens and foster innovation. However, privacy experts warn that shifting to a subjective definition of "personal data" and creating broad commercial exemptions for "scientific research" could severely undermine fundamental rights and generate significant legal uncertainty. We analyze the clash between the Commission's promise of €5 billion in compliance savings and the potential erosion of data protection enforcement across Europe.

www.compliancehub.wiki/analysis-of-the-proposed-digital-omnibus-regulation

 

Sponsors:

www.compliancehub.wiki

www.cisomarketplace.services

https://airiskassess.com